A global server (106) includes a communications engine for establishing a communications link with a client (114a); security means coupled to the communications engine for determining client privileges; a servlet host engine coupled to the security means for providing to the client (114a), based on the client privileges, an applet which enables I/O with a secured service (110a); and a keysafe for storing a key which enables access to the secured service (110a). The global server may be coupled to multiple sites, wherein each site provides multiple services. Each site may be protected by a firewall. Accordingly, the global server stores the keys for enabling communication via the firewalls (116) with the services (110a).

(57) Abstract

A global server (106) comprises a communications engine for establishing a communications link with a [...] communications, responsible for evaluating client privileges; a servlet host engine coupled to the security means for providing to the client (114a), on the basis of the privileges granted to the client, an applet enabling I/O with a secured service; and a keysafe for storing [...] authorizing access to the secured service. The global server may be coupled to multiple sites, each site providing multiple services. Each site may be protected by a firewall (116). Consequently, the global server stores the keys for authorizing communication, via the firewalls (116), with the services (110a).

SYSTEM AND METHOD FOR ENABLING SECURE ACCESS TO SERVICES IN A COMPUTER NETWORK

BACKGROUND OF THE INVENTION

This invention relates generally to computer networks, and more particularly to a system and method for enabling secure access to services in a computer network.

2. Description of the Background Art

In its infancy, the Internet provided a research-oriented environment where users and hosts were interested in a free and open exchange of information, and where users and hosts mutually trusted one another. However, the Internet has grown dramatically, currently interconnecting about 100,000 computer networks and several million users. Because of its size and openness, the Internet has become a target of data theft, data alteration and other

Virtually everyone on the Internet is vulnerable. Before connecting, companies balance the rewards of an Internet connection against risks of a security breach. Current security techniques help provide client and server authentication, data confidentiality, system

The most popular of the current security techniques is a firewall, which includes an intermediate system positioned between a trusted network and the Internet. The firewall represents an outer perimeter of security for preventing unauthorized communication between the trusted network and the Internet. A firewall may include screening routers, proxy servers and application-layer gateways.

For users on the Internet to gain access to protected services on the trusted network, they may be required to provide their identity to the firewall by some means such as entering a password or by computing a response to a challenge using a hardware token. With proper authentication, [...] typically limited to a predetermined set of services such as e-mail, FTP, etc.

Some local network managers place just outside the firewall a server, often referred to [...] remote user but providing little security.

A De-Militarized Zone, or DMZ, sits between two firewalls protecting a trusted network. The external firewall protects servers in the DMZ from external threats while allowing HyperText Transfer Protocol (HTTP) requests. The internal firewall protects the trusted network in the event that one of the servers in the DMZ is compromised. Many companies use DMZs to maintain their web servers.

Another security technique for protecting computer networks is the issuance and use of a public key certificate. Public key certificates are issued to a party by a certificate authority, which via some method validates the party's identity and issues a certificate stating the party's name and public key. As evidence of authenticity, the certificate authority digitally signs the party's certificate using the certificate authority's private key.

Thus, when a user via a client computer connects to a server, the client computer and server exchange public key certificates. Each party verifies the authenticity of the received certificates by using the certificate authority's public key to verify the signature of the certificate. Then, by encrypting messages with the server's public key the user can send secure communications to the server, and by encrypting messages with the user's public key the server can send secure communications to the user. Although any party might present a public key certificate, only the real user and the real host have the corresponding private key needed to decrypt the message. Examples of authentication and key distribution computer security systems include the Kerberos™ security system developed by the Massachusetts Institute of Technology and the NetSP™ security system by the IBM Corporation.

These security techniques do not solve problems associated with the roaming (traveling) user. For the roaming user, maintaining identification and authentication information such as passwords, certificates, keys, etc. is a cumbersome process. Further, accessing multiple systems requires multiple keys, which often are too complex to track and use. Also, direct access to systems behind firewalls compromises security. Therefore, a system and method are needed to enable remote access to computer services easily and

SUMMARY OF THE INVENTION

The present invention provides a system and method for enabling secure access to services in a computer network. The network system includes a global server coupled via a computer network to computer services. The global server includes a communications engine for establishing a communications link with a client; security means coupled to the communications engine for determining client privileges; a servlet host engine coupled to the security means for providing to the client, based on the client privileges, an applet which enables I/O with a secured service; and a keysafe for storing keys which enable access to the secured services. The global server may be coupled to multiple sites, wherein each site provides multiple services. Each site may be protected by a firewall. Accordingly, the global server stores the keys for enabling communication via the firewalls with the services.

The method includes the steps of establishing a communications link with a client; identifying and authenticating the client; determining client privileges; providing to the client, based on the client privileges, an applet which enables I/O with a secured service; and retrieving a key which enables access to the secured service.

The system and method of the present invention advantageously provide a globally-accessible trusted third party, i.e., the global server. This trusted third party securely stores keys, and acts as a single identification and authentication service. Other systems may be accessed through the global server. The global server uses the stored keys to authenticate the user under an identity that is understood by the other system's existing security services, and establishes a secure communications channel to the desired service. Because of a global firewall, the global server is substantially protected from external threats. Accordingly, the global server provides authorized clients with secure communication through firewalls with services. The global server may enable multiple levels of identification and authentication services. Accordingly, the global server may enable multiple levels of resource access based on the user's status, the strengths of the identification and the authentication and on the

Because of the global firewall and the identification and authentication services performed by the global server, corporations can store relatively secret information on the global server for use by authorized clients. Yet, the present invention also enables corporations to maintain only a portion of their secret information on the global server, so that there would be only this limited loss should the trusted third party system be compromised. Further, the global server advantageously may act as a client proxy for controlling access to services, logging use of keys and logging access of resources.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a roaming-user network access system;
FIG. 2 is a block diagram illustrating details of an example client of FIG. 1;
FIG. 3 is a block diagram illustrating details of the global server of FIG. 1;
FIG. 4 is a block diagram illustrating details of an example service server of FIG. 1;
FIG. 5 is a flowchart illustrating a method for remotely accessing a service;
FIG. 6 is a flowchart illustrating details of the FIG. 5 step of creating a link between a client and the global server;
FIG. 7 illustrates an example web page;
FIG. 8A is a flowchart illustrating details of the FIG. 5 step of accessing a service in a first embodiment;
FIG. 8B is a flowchart illustrating details of the FIG. 5 step of accessing a service in a second embodiment; and
FIG. 8C is a flowchart illustrating details of the FIG. 5 step of accessing a service in a third embodiment.

FIG. 1 is a block diagram illustrating an exemplary roaming-user network access system 100 in accordance with the present invention. System 100 includes an interconnected network of computers referred to herein as an "Internet" 102. System 100 further includes a first company network 112, a second company network 118, a kiosk network 138 and an Internet Service Provider (ISP) network, each network being coupled to the Internet 102.

Company network 112 includes a firewall 116 coupled between the Internet 102 and a client computer 114a. Company network 118 includes a firewall 120 coupled between the Internet 102 and [...]. Company network 118 further includes a first server 108a for providing a first service 110a, a second server 108b for providing a second service 110b, a first client computer 114b storing a program for providing a third service 110c and a second client computer 114c, each being coupled to the signal bus. Example services 110a-110d include an e-mail service program, address book service

The kiosk network 138 includes a first client computer 114d and a second client computer 114e, each being coupled to the Internet 102. The ISP network includes an ISP 148 coupled via a wireless channel 146 to a first client computer 114f and coupled via modems 152 and 156 and via a transmission line to a second client computer 114g.

The Internet 102 includes a global server 106 which is protected by a global firewall 104 and includes a server 108c for providing a service 110d. Intercommunication between client computers 114a-114g and services 110a-110d is accomplished via the global server 106. If, for example, a user of any one of the client computers 114a-114g wants to access a service 110a-110d (which is provided at a location within system 100 that is unknown to the user), then the user applies a known Uniform Resource Locator (URL) to access a web page operated by global server 106. An example web page 700 is shown in and described with reference to FIG. 7. The global firewall 104 protects the global server 106 from external threats.

Before obtaining access privileges to the functionality provided by the global server 106, the user must first obtain authorization from the global server 106. Obtaining authorization typically requires user identification and authentication, for example, using public-key certificates. Once authenticated, the global server 106 provides the user with access to the services 110a-110d. It will be appreciated that varying levels of access to services 110a-110d will be granted based on varying strengths of identification and authentication and on the privacy of the communications channel.

To enable user access to and control of the services 110a-110d, the global server 106 may use conventional applets, servlets or agents in a distributed network environment, such as the Java™ distributed environment produced by the Netscape Corporation. The global server 106 provides the user's client with access to and control of the service 110a-110d. The global server 106 may redirect the user's client to access the service 110a-110d itself, the global server 106 may access the service 110a-110d itself and provide I/O to the client by proxy, or the global server 106 may provide the service 110a-110d itself. These three different modes of access to the services 110a-110d are described with reference to FIGs. 8A-8C.

The global server 106 maintains the network addresses of all the services 110a-110d, [...] passwords and certificates needed to pass firewalls 116 and 120. Accordingly, the user need only maintain the URL of the global server 106, and identification and authentication information such as a password or hardware token for obtaining access to the functionality of the global server 106. Thus, the roaming user can access computer services 110a-110d using any computer terminal which is connected to the Internet 102.

FIG. 2 is a block diagram illustrating details of a client computer 114, such that each of clients 114a-114d is an instance of the client 114. The client 114 includes a Central [...] Pentium® microprocessor. An input device 220 such as a keyboard and mouse, and an output device 230 such as a Cathode Ray Tube (CRT) display are coupled via a signal bus 240 to CPU 210. A communications interface 250, a data storage device 260 such as Read Only Memory (ROM) or a magnetic disk, and a Random-Access Memory (RAM) 270 are further coupled via signal bus 240 to CPU 210. The communications interface 250 of client computer 114 is coupled to the Internet 102 as shown in and described with reference to FIG. 1.

An operating system 280 includes a program for controlling processing by CPU 210, and is typically stored in data storage device 260 and loaded into RAM 270 for execution. Operating system 280 includes a communication engine 282 for generating and transferring [...]

Operating system 280 further includes an internet engine such as a web browser, e.g., the Netscape™ web browser produced by the Netscape Corporation or the Internet Explorer™ web browser produced by the Microsoft Corporation. The web browser 284 includes an encryption engine 285 for encrypting messages using public and private keys, and an applet engine 286 for executing applets 288 downloaded from the global server 106 to enable the access to computer services 110a-110d. Downloaded applets 288 may include security applets 290 [...] message integrity services, and certificate verification. The browser 284 further receives web page data (391, FIG. 3), configuration data 390 and information identifying a set of selectable services 110a-110d, and uses the information to display the web page (700, FIG. 7). The web browser 284 enables a user via the client 114a-114g to select one of the services 110a-110d.

It will be appreciated that a client 114a-114g such as client 114b may include a service engine 490 (see FIG. 4) for providing a service 110a-110d such as service 110c. Thus, it is possible for a client 114b user to request access to service 110c via the global server 106, without knowing that the service 110c is provided by client 114b. Accordingly, the global server 106 will provide client 114 with an applet 288 for providing user interface I/O of service 110c back to client 114b.



FIG. 3 is a block diagram illustrating details of the global server 106, which includes a CPU 310 such as a Motorola Power PC® microprocessor or an Intel Pentium® [...] 330 such as a CRT display are coupled via a signal bus 340 to CPU 310. A communications interface 350, a data storage device 360 such as ROM or a magnetic disk, and a RAM 370 are further coupled via signal bus 340 to CPU 310. The communications interface 350 is conventionally coupled as part of the Internet 102 to the clients 114. Although the global server 106 is described as a single computer, it will be appreciated that the global server 106 may include multiple computers networked together.

Operating system 380 includes a program for controlling processing by CPU 310, and is typically stored in data storage device 360 and loaded into RAM 370 for execution. Operating system 380 includes a communication engine 382 for generating and transferring message packets to and from client computers 114 via the communications interface 350.

Operating system 380 further includes, as part of global firewall 104, security services 384 for opening a communications channel with users. For example, when a client attempts to access the global server 106, the security services 384 first determines whether the global server 106 accepts in-bound communications from a particular port (not shown) and whether the servlet host engine 386, described below, is authorized to connect to that particular port. If so, the security services 384 allows the communications engine 382 to open a communications channel via the particular port to the client 114a-114g. Otherwise, no channel will be opened.

The operating system 380 further includes a web engine 387 which, based on user's identification, the strength of the user's authentication and the privacy of the communications channel, forwards web page data 391 and information identifying a set of available services 110a-110d to the client 114a-114g. An example web page 700 is shown and described with reference to FIG. 7. The web engine 387 enables a user to select a service 110a-110d from

The web engine 387 includes a servlet host engine 386, which downloads security applets 290 including an authentication applet (not shown) to the client computer 114 and accordingly executes an authentication servlet 397 of servlets for performing identification and authentication services. The authentication applet 290 prompts the user for identification and authentication information, and then communicates the information to the authentication servlet 397. The authentication servlet 397 verifies that the information is correct. It will be noted that the user's authentication information is not necessarily sent to the authentication servlet 397, but rather its existence and correctness is proven via a secure means such as a secure hash. The servlet host engine 386 further includes a secure communications engine 396 which may use public key certificates to negotiate a secure communications channel with the client computer 114.
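
The paragraph above says the user's authentication information need not be sent to the authentication servlet 397, only proven "via a secure means such as a secure hash", without naming a scheme. The following is an added example, not code from the patent: a challenge-response exchange that assumes PBKDF2-HMAC-SHA256 for key stretching and HMAC-SHA256 over a single-use nonce; the names `AuthServlet`, `applet_respond`, `derive_verifier` and `make_proof` are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumptions of this example (none of them come from the patent text):
# PBKDF2-HMAC-SHA256 stretches the password, HMAC-SHA256 is the "secure hash",
# and the challenge is a 32-byte random nonce that can be answered only once.
PBKDF2_ROUNDS = 100_000


def derive_verifier(password, salt):
    """Stretch a password into the key that both sides use for the proof."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def make_proof(verifier, user, nonce):
    """Bind the proof to one user and one challenge."""
    message = user.encode("utf-8") + b"\x00" + nonce
    return hmac.new(verifier, message, hashlib.sha256).digest()


def applet_respond(user, password, salt, nonce):
    """Client side (the downloaded applet's role): only the proof leaves the client."""
    return make_proof(derive_verifier(password, salt), user, nonce)


class AuthServlet:
    """Server side: keeps a salt and verifier per user, never the password."""

    def __init__(self):
        self._users = {}      # user -> (salt, verifier)
        self._pending = {}    # user -> nonce of the outstanding challenge
        self._decoy_key = secrets.token_bytes(32)

    def enroll(self, user, password):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, derive_verifier(password, salt))

    def challenge(self, user):
        """Return (salt, nonce). Unknown users get a stable decoy salt so the
        reply does not reveal which accounts exist."""
        if user in self._users:
            salt = self._users[user][0]
        else:
            digest = hmac.new(self._decoy_key, user.encode("utf-8"), hashlib.sha256).digest()
            salt = digest[:16]
        nonce = secrets.token_bytes(32)
        self._pending[user] = nonce
        return salt, nonce

    def verify(self, user, proof):
        """Check a proof against the outstanding challenge for this user."""
        nonce = self._pending.pop(user, None)   # consumed here: a replay fails
        record = self._users.get(user)
        if nonce is None or record is None:
            return False
        expected = make_proof(record[1], user, nonce)
        return hmac.compare_digest(expected, proof)   # constant-time comparison


if __name__ == "__main__":
    servlet = AuthServlet()
    servlet.enroll("alice", "correct horse")        # constructed sample account
    salt, nonce = servlet.challenge("alice")
    proof = applet_respond("alice", "correct horse", salt, nonce)
    print("first attempt accepted:", servlet.verify("alice", proof))
    print("replayed proof accepted:", servlet.verify("alice", proof))
```

The stored verifier is password-equivalent for this exchange, so it needs the same protection as the keysafe. The exchange authenticates only the client; the server is still authenticated by the certificate-based channel.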

Upon selection of a service 110a-110d, the servlet host engine 386 downloads a corresponding applet 388, corresponding configuration data 390 and corresponding user data [...] 394. Configuration data 390 includes information for configuring the user's web browser 284, for configuring the downloaded applets 288, and for configuring the selected service 110a-110d. User data 392 may include user-and-service-specific information such as stored bookmarks, calendar data, pager numbers, etc. which was specifically stored on the global server 106 for easy access. Service address information 394 identifies the location of the services 110a-110d provided in system 100 by the global server 106. The client computer 114 executes the corresponding downloaded applet 288, which via the servlet host engine 386 (possibly using a corresponding servlet 398) enables the user to access and to control the corresponding services 110a-110d. The downloadable applets, configuration data 390, user data 392 and service address information 394 may be stored on the data storage device 360.

A keysafe 395 is a data file for storing each user's identification information, each user's public and private keys, each firewall's password information, etc. The keysafe 395 is organized in a linked list format so that, based on the selected service 110a-110d, the global server 106 can retrieve the appropriate firewall's password information, the appropriate user's identification information and keys, etc. The keysafe 395 may be stored on the data storage device 360.



FIG. 4 is a block diagram illustrating details of a service server 108, such that servers 108a-108c and client 114b are instances of server 108. Server 108 includes a CPU 410 such as a Motorola Power PC® microprocessor or an Intel Pentium® microprocessor. An input device 420 such as a keyboard and mouse, and an output device 430 such as a CRT display are coupled via a signal bus 440 to CPU 410. A communications interface 450, a data storage device 460 such as ROM or a magnetic disk, and a RAM 470 are further coupled via signal bus 440 to CPU 410. The communications interface 450 is coupled to the clients 114 as shown in and described with reference to FIG. 1.

The operating system 480 includes a program for controlling processing by CPU 410, [...]

Operating system 480 also includes a communications engine 482 for generating and transferring message packets via the communications interface 450 to and from clients 114 or to and from global server 106. Operating system 480 further includes security services 484 for negotiating a secure channel with users, a secure communications engine 486 for opening the secure channel with the users, and a service engine 490 for providing a service 110a-110d to the users.

The service engine 490 includes a service interface 492 for receiving and translating messages to and from downloaded applets 288 currently executing on the client 114, and includes a service processor 494 and service data 496 for processing the service requests from the user. The service data 496 may include previously-generated documents, database information, etc. It will be appreciated that the service data 496 is similar to the user data 392, such that it includes the same type of information but is maintained on the service server 108 instead of on the global server 106.

FIG. 5 is a flowchart illustrating a method 500 enabling a user to access services 110a-110d in computer network system 100. Method 500 begins by the client 114 in step 505 creating a communications link with the global server 106. Step 505 is described in greater detail with reference to FIG. 6. The global server 106 in step 510 confirms that the user has privileges to access the functionality of the global server 106. Confirming user access privileges may include examining a user certificate, obtaining a secret password, using digital signature technology, etc. It will be appreciated that the security services 384 may cause the servlet host engine to forward a security applet 389 via the communications channel to the client 114 for performing user authentication.

After user access privileges are confirmed, the web page engine 387 of the global server 106 in step 515 downloads web page data 391 and configuration data 390 to the client 114. The browser 284 of the client 114 in step 520 uses the web page data 391 and the configuration data 390 to display a web page 700 (FIG. 7) on the output device 230 of the client 114 and to enable access to the services 110a-110d which are offered by the global server 106. An example web page 700 is shown and described with reference to FIG. 7.

From the options listed on the web page 700, the user in step 525 via input device 220 selects a service 110a-110d. In response, the servlet host engine 386 of the global server 106 in step 530 downloads the corresponding applet(s) 388, applet configuration data 390, user data 392 and possibly service address information 394 to the client. Applet configuration data 390 preferably includes user-specific preferences, such as user-preferred fonts, for configuring the selected service 110a-110d. User data 392 may include user-specific and service-specific information such as stored bookmarks, calendar data, pager numbers, etc. Service address information 394 identifies the location of the selected service 110a-110d. Alternatively, the corresponding applet(s) 388, applet configuration data 390, user data 392 and service address information 394 could have been downloaded in step 515 with the web page data 391 and configuration data 390.

The applet engine 286 of the client 114 in step 535 executes the corresponding downloaded applet 288. The service server 108 in step 537 initiates the service engine 490. The global server 106 in step 538 selects one of the three modes of access described in FIGs. 8A-8C for enabling the client computer 114 to communicate with the corresponding service engine 490. For example, if the user selects the service 110d on server 108c, which is not protected by a separate firewall, then the global server 106 may provide the user with direct access. If the user selects service 110a provided by server 108a within company network 118, then the global server 106 may access the service 110a as a proxy for the user. It will be appreciated that each firewall 116 and 120 may store policies establishing the proper mode of [...] include user preference, availability and feasibility. The global server 106 in step 540 provides the client 114 user with access to the selected service 110a-110d. Step 540 is [...]

[...] user in step 605 using a known Uniform Resource Locator (URL) to call the global server 106. The global server 106 and the client 114 in step 607 create a secure communications channel therebetween, possibly by applying Secure Sockets Layer (SSL) technology. That is, the security services 384 of the global server 106 in step 610 determine if in-bound secure communications are permitted and, if so, creates a communications channel with the client 114. The browser 284 of the client 114 and the security services 384 of the global server 106 in step 615 negotiate secure communications channel parameters, possibly using public key certificates. An example secure communications channel is RSA with RC4 encryption. It will be appreciated that the global server 106 may be configured to use one of ten encryption protocols and the client 114 may be enabled to use one of five encryption protocols. Step 615 thus may include selecting one of the encryption protocols which is common to both the global server 106 and the client 114. The encryption engine 285 of the client 114 and secure communications engine of the global server 106 in step 620 use the secure channel parameters to create the secure communications channel. Method 505 then ends.

FIG. 7 illustrates an example URL-addressable HyperText Markup Language (HTML)-based web page 700, as maintained by the servlet host engine 386. The web page 700 includes a title 710 "Web Page," a listing of the provided services 715 and a pointer 770 for selecting one of the provided services 715. As illustrated, the provided services 715 may include an e-mail service 720, a calendaring service 730, an internet access service 740, a paging service 750 and a fax sending service 760. Although not shown, other services such as bookmarking, Quick Card™, etc. may be included in the web page 700.



FIG. 8A is a flowchart illustrating details of step 540 in a first embodiment, referred to as step 540a, wherein the global server 106 provides the client 114 with a direct connection to the service 110a-110d. Step 540a begins by the downloaded applet 288 in step 805 retrieving the service address 394 of the selected service 110a-110d from data storage device 360 and the authentication information for the service 110a-110d from the keysafe 395. The communications engine 282 in step 810 creates a direct and secure connection with the communications engine 482 of the service server 108 at the retrieved service address, and uses the authentication information to authenticate itself. The applet 288 in step 815 acts as the I/O interface with the service engine. Step 540a then ends.

FIG. 8B is a flowchart illustrating details of step 540 in a second embodiment, referred to as step 540b, wherein the global server 106 acts for the client 114 as a proxy to the service 110a-110d. Step 540b begins with the applet in step 840 retrieving the "service" address, which results in directing it to the global server 106. Thus, the applet 288 in step 845 creates a connection with the global server 106. The servlet host engine 386 of the global server 106 in step 850 retrieves the service address of the selected service 110a-110d and the authentication information for the selected service 110a-110d from the keysafe 395. The [...] channel parameters for creating a secure channel with the secure communications engine of the service server 108.

Thereafter, the applet 288 in step 860 acts as the I/O interface (enables the user to make requests of the service engine 490) with the secure communications engine 396 of the global server 106. If the servlet host engine 386 in step 865 determines that it is unauthorized to perform a client 114 user's request, then the servlet host engine 386 in step 870 determines whether the method 540b ends, e.g., whether the user has quit. If so, then method 540b ends. Otherwise, method 540b returns to step 860 to obtain another request. If the servlet host engine 386 in step 865 determines that it is authorized to perform the client 114 user's request, then the servlet host engine 386, possibly using servlets 398, acts as the proxy for the client 114 to the service engine 490. As proxy, the servlet host engine 386 forwards the



FIG. 8C is a flowchart illustrating details of step 540 in a third embodiment, referred to as step 540c, wherein the service 110a-110d being requested is located on the global server 106. Step 540c begins with the applet 288 in step 880 retrieving the service address for the service 110a-110d, which results in providing the applet 288 with the service address of the service 110a-110d on the global server 106. Thus, the applet 288 in step SSi: creates a secure connection with the global server 106. No additional step of identification and authentication is needed since the client 114 has already identified and authenticated itself to the global.

In step 884, a determination is made whether the service 110a-110d is currently running, Lxr "c e J> 'c* r< nil >. •« ^ .vjv^icr tt e s .^t^ I , 1 ii J . w

handle multiple users. If not, then the global server 106 in step 890 creates an instance for the user, and the applet 288 in step S« acts as the I/O interface with the service 110a-110d on the global server 106. Otherwise, if the service 110a-110d in step 886 determines that it eannei handle multiple ihet: method 540a proceeds to step L-'uriht-r . if in step Svl the

global server 106 determines that the service 110a-110d is not currently running, then global server 106 in step SiKS initializes the service 110a-110d and proceeds to step KSo.

The foregoing description of the preferred embodiments of the invention is by way of example only, and other variations of the above-described embodiments and methods are provided by the present invention. Components of this invention may be implemented using a programmed general purpose digital computer, using application specific integrated circuit

gmfwcfirtiwy described herein have been presented for purposes of illustration and are not
ii k i f k for establishing a communications link with a client;
Kiti uu <s the communications engine for determining client
\ s h \ i j ! lied to the security means for providing to the client,
v t tK ki j s\ S t-, an applet which enables I/O with a secured service; and
v\ > t. •><■■>* s which enables access to the secured service.

> ! i ii uil wherein the communications engine negotiates an encryption



s<r system of claim 1, wherein the
\; for transferring messages to and i



5. The system of claim 1, wherein the security means uses public key certificates to authenticate the client.



1 6 io M>n * U<wi S, Vie v,fi*< (odii« fnii m\ > 5 Ujt ! Jors ,<v srdthe 

level of authentication to determine client privileges.



7. The system of claim 5, wherein the security means examines a global certificate to authenticate the client.
8. The system of claim 1, wherein the security means uses digital signature technology to authenticate the client.

1 " "~x- ;a ••ex; of t ! . \\U t«vi tat *s t h- . ■ enj.-nc K s\- \> ih~' ciii'sU a 

security means.

<> "t s^s 1 (>*< ! i A\y.<.i }~ "> A Ur <• '^llil tK: 
15. A method comprising the steps of:
establishing a communications link with a client;
determining client privileges;
providing to the client, based on the client privileges, an applet which enables I/O

retrieving a key which enables access to the secured service.

16. The method of claim 15, wherein establishing a communications link includes the step of using SSL technology to create a secure communications link with the client.

17. The method of claim 15, wherein establishing a communications link includes the step of negotiating an encryption protocol for transferring messages to and from the client.

1)8 i ho fa shot ..t ■ !m\ i <* whercn ; >.'bi >?, j .^rjnnsn .>iti..n\ hnk ;r 

2 su. oi u t:ij s ^ si^ic k*> >('rt:!"-jics i " •jr.ziM^r ru -Cii'^sio S:o, i tnc vsient

19. The method of claim ■ x wherein determining client privileges includes the step of using public key certificates to authenticate the client.

20. The method of claim 15, wherein determining client privileges includes the step of examining client identity and the level of authentication to determine client privileges.

21. The method of claim 15, wherein determining client privileges includes the step of examining a global certificate to authenticate the client.

22. The method of claim 15, wherein determining client privileges includes the step of using digital signature technology to authenticate the client.
23. The method of claim 15, wherein establishing a communications link includes forwarding to the client a security applet for enabling the client to perform a recognized security protocol.

24. The method of claim J ?, further comprising the step of using the key to

25. The method of claim 15, wherein the method is performed by a global server and further comprising a global firewall to protect the global server.



27. The method of claim 15, wherein providing includes the step of providing to the client a direct connection with the secured service.

1 28. The method of claim 15, forihei- convr. t\ s t $ t <.» j u * i with 

?. -he ss<.i).rt.:i service, o.r::l wberdn fjiwvcjmj- ir „ )» 5 m) ( t t > 

means for establishing a communications link with a client;